Warning: Permanently added '10.128.15.195' (ECDSA) to the list of known hosts. 2020/03/05 16:23:41 parsed 1 programs 2020/03/05 16:23:41 executed programs: 0 2020/03/05 16:23:46 executed programs: 58 2020/03/05 16:23:51 executed programs: 124 2020/03/05 16:23:56 executed programs: 190 [ 75.5457961] panic: ASan: Unauthorized Access In 0xffffffff8117ff15: Addr 0xffffb380121a9158 [8 bytes, read, PoolUseAfterFree] [ 75.5589124] cpu0: Begin traceback... [ 75.5658127] vpanic() at netbsd:vpanic+0x241 [ 75.6058946] snprintf() at netbsd:snprintf [ 75.6359384] kasan_report() at netbsd:kasan_report+0x98 [ 75.6760135] __asan_load8() at netbsd:__asan_load8+0x294 [ 75.7060657] mutex_oncpu() at netbsd:mutex_oncpu+0x38 [ 75.7461390] mutex_enter() at netbsd:mutex_enter+0x1a1 [ 75.7761973] pool_put() at netbsd:pool_put+0x86 [ 75.8062452] pmap_enter_ma() at netbsd:pmap_enter_ma+0x1012 [ 75.8362994] pmap_enter_default() at netbsd:pmap_enter_default+0x60 [ 75.8763758] uvm_fault_upper_enter.isra.6() at netbsd:uvm_fault_upper_enter.isra.6+0x17b [ 75.9164469] uvm_fault_internal() at netbsd:uvm_fault_internal+0x194d [ 75.9464968] trap() at netbsd:trap+0xcbb [ 75.9565156] --- trap (number 6) --- [ 75.9765510] 403d21: [ 75.9765510] cpu0: End traceback... [ 75.9765510] fatal breakpoint trap in supervisor mode [ 75.9866533] trap type 1 code 0 rip 0xffffffff8021e4b5 cs 0x8 rflags 0x246 cr2 0x628000 ilevel 0 rsp 0xffffb3817e8cb360 [ 75.9991497] curlwp 0xffffb380120c3580 pid 1226.1 lowest kstack 0xffffb3817e8c42c0 Stopped in pid 1226.1 (syz-executor.2) at netbsd:breakpoint+0x5: leave ? breakpoint() at netbsd:breakpoint+0x5 db_panic() at netbsd:db_panic+0xe9 vpanic() at netbsd:vpanic+0x241 snprintf() at netbsd:snprintf kasan_report() at netbsd:kasan_report+0x98 __asan_load8() at netbsd:__asan_load8+0x294 mutex_oncpu() at netbsd:mutex_oncpu+0x38 mutex_enter() at netbsd:mutex_enter+0x1a1 pool_put() at netbsd:pool_put+0x86 pmap_enter_ma() at netbsd:pmap_enter_ma+0x1012 pmap_enter_default() at netbsd:pmap_enter_default+0x60 uvm_fault_upper_enter.isra.6() at netbsd:uvm_fault_upper_enter.isra.6+0x17b uvm_fault_internal() at netbsd:uvm_fault_internal+0x194d trap() at netbsd:trap+0xcbb --- trap (number 6) --- 403d21: ds 35e0 es 480 fs b340 gs b390 rdi ffffb3800d92d488 rsi ffffb380120c3838 rbp ffffb3817e8cb360 rbx ffffffff82810480 cpu_info_primary rdx 2 rcx ffffffff80d14f71 db_panic+0xd5 rax 0 r8 4 r9 1ffffffff0554be8 r10 ffffffff82aa5f43 db_onpanic+0x3 r11 8000000000 r12 ffffb3816d8a4000 r13 ffffffff82440ae8 ostype+0x4e268 r14 ffffb3817e8cb3f0 r15 ffffb3816d893068 rip ffffffff8021e4b5 breakpoint+0x5 cs 8 rflags 246 rsp ffffb3817e8cb360 ss 0 netbsd:breakpoint+0x5: leave PID LID S CPU FLAGS STRUCT LWP * NAME WAIT 1237 1 2 0 0 ffffb3801219a100 syz-executor.5 1220 1 2 0 0 ffffb380121bd180 syz-executor.4 1226 2 3 1 80 ffffb38012156740 syz-executor.2 parked 1226 > 1 7 0 10000000 ffffb380120c3580 syz-executor.2 840 2 3 1 80 ffffb38011f4aac0 syz-executor.0 parked 840 1 2 0 0 ffffb380121422c0 syz-executor.0 1169 2 3 0 80 ffffb38013d431c0 syz-executor.1 parked 1169 1 2 0 10000000 ffffb38012165780 syz-executor.1 535 1 2 1 0 ffffb38013cb4540 syz-executor.1 619 1 2 0 0 ffffb38013c83940 syz-executor.3 613 1 2 0 0 ffffb38013c830c0 syz-executor.4 413 1 2 1 0 ffffb38013c6c900 syz-executor.2 556 1 2 1 0 ffffb38013c6c4c0 syz-executor.0 45 1 2 0 0 ffffb38013c6c080 syz-executor.5 559 10 3 0 80 ffffb38013c608c0 syz-execprog parked 559 9 3 1 80 ffffb38013c60480 syz-execprog kqueue 559 8 3 0 80 ffffb38013c60040 syz-execprog parked 559 7 3 1 80 ffffb380135bcbc0 syz-execprog parked 559 6 3 1 80 ffffb38011ef9600 syz-execprog parked 559 5 2 0 0 ffffb38012b91680 syz-execprog 559 4 3 0 80 ffffb38012b91240 syz-execprog parked 559 3 3 1 80 ffffb38012c96a80 syz-execprog parked 559 2 3 1 80 ffffb38012c96640 syz-execprog parked 559 1 3 1 80 ffffb380116a1b00 syz-execprog parked 41 1 3 0 80 ffffb38011c89700 sshd select 575 1 3 1 80 ffffb38012c8ba40 getty nanoslp 571 1 3 0 80 ffffb38012c8b600 getty nanoslp 531 1 3 1 80 ffffb38012c96200 getty nanoslp 423 1 3 0 80 ffffb38012c80180 getty ttyraw 464 1 3 1 80 ffffb38012bb1b00 cron nanoslp 536 1 3 0 80 ffffb38012c078c0 inetd kqueue 494 1 3 0 80 ffffb380121bda00 sshd select 454 1 3 1 80 ffffb38012172480 powerd kqueue 466 1 2 0 0 ffffb38012103600 makemandb 195 1 3 1 80 ffffb38012bd6700 syslogd kqueue 278 1 3 1 80 ffffb38012165340 dhcpcd kqueue 180 1 3 1 80 ffffb380120628c0 dhcpcd kqueue 1 1 3 0 80 ffffb38011e2d540 init wait 0 29 3 0 204 ffffb38011e84140 physiod physiod 0 48 3 0 204 ffffb38011e86180 pooldrain pooldrain 0 47 2 0 200 ffffb38011e849c0 ioflush 0 46 3 1 200 ffffb38011e84580 pgdaemon pgdaemon 0 44 2 0 200 ffffb38011e2d980 npfgc-0 0 43 3 1 204 ffffb38011e2d100 rt_free rt_free 0 42 3 1 204 ffffb38011e24940 unpgc unpgc 0 41 2 0 200 ffffb38011e24500 key_timehandler 0 40 3 1 204 ffffb38011e240c0 icmp6_wqinput/1 icmp6_wqinput 0 39 3 0 204 ffffb38011e1b900 icmp6_wqinput/0 icmp6_wqinput 0 38 3 1 204 ffffb38011e1b4c0 nd6_timer nd6_timer 0 37 3 1 204 ffffb38011e1b080 carp6_wqinput/1 carp6_wqinput 0 36 3 0 204 ffffb38011e168c0 carp6_wqinput/0 carp6_wqinput 0 35 3 1 204 ffffb38011e16480 carp_wqinput/1 carp_wqinput 0 34 3 0 204 ffffb38011e16040 carp_wqinput/0 carp_wqinput 0 33 3 1 204 ffffb38011c8ebc0 icmp_wqinput/1 icmp_wqinput 0 32 3 0 204 ffffb38011c8e780 icmp_wqinput/0 icmp_wqinput 0 31 3 1 204 ffffb38011c8c300 rt_timer rt_timer 0 30 3 0 204 ffffb38011c8e340 vmem_rehash vmem_rehash 0 28 3 0 204 ffffb3800f35dac0 scsibus0 sccomp 0 27 3 0 200 ffffb3800f35d680 pms0 pmsreset 0 26 3 1 204 ffffb3800f35d240 xcall/1 xcall 0 25 1 1 200 ffffb3800f35ca80 softser/1 0 24 1 1 200 ffffb3800f35c640 softclk/1 0 23 1 1 200 ffffb3800f35c200 softbio/1 0 22 1 1 200 ffffb3800f26ea40 softnet/1 0 21 1 1 201 ffffb3800f26e600 idle/1 0 20 3 0 204 ffffb3800f26e1c0 lnxpwrwq lnxpwrwq 0 19 3 0 204 ffffb3800f26ca00 lnxlngwq lnxlngwq 0 18 3 0 204 ffffb3800f26c5c0 lnxsyswq lnxsyswq 0 17 3 0 204 ffffb3800f26c180 lnxrcugc lnxrcugc 0 16 3 0 204 ffffb3800de4f9c0 sysmon smtaskq 0 15 3 0 204 ffffb3800de4f580 pmfsuspend pmfsuspend 0 14 3 0 204 ffffb3800de4f140 pmfevent pmfevent 0 13 3 0 204 ffffb3800de40980 sopendfree sopendfr 0 12 3 0 204 ffffb3800de40540 iflnkst iflnkst 0 11 3 0 204 ffffb3800de40100 nfssilly nfssilly 0 10 2 1 200 ffffb3800de34940 cachegc 0 9 3 0 204 ffffb3800de34500 vdrain vdrain 0 8 3 0 200 ffffb3800de340c0 modunload mod_unld 0 7 3 0 204 ffffb3800de24900 xcall/0 xcall 0 6 1 0 200 ffffb3800de244c0 softser/0 0 5 1 0 200 ffffb3800de24080 softclk/0 0 4 1 0 200 ffffb3800de218c0 softbio/0 0 3 1 0 200 ffffb3800de21480 softnet/0 0 2 1 0 201 ffffb3800de21040 idle/0 0 > 1 7 1 200 ffffffff82b6eec0 swapper [Locks tracked through LWPs] ****** LWP 1237.1 (syz-executor.5) @ 0xffffb3801219a100, l_stat=2 *** Locks held: none *** Locks wanted: * Lock 0 (initialized at uvm_obj_init) lock address : 0xffffb38011c6b940 type : sleep/adaptive initialized : 0xffffffff8110ca00 shared holds : 0 exclusive: 1 shares wanted: 0 exclusive: 1 relevant cpu : 0 last held: 1 relevant lwp : 0xffffb3801219a100 last held: 0xffffb38011f4a240 last locked* : 0xffffffff811009db unlocked : 0xffffffff810ede32 owner/count : 000000000000000000 flags : 000000000000000000 Turnstile: no active turnstile for this lock. ****** LWP 1226.1 (syz-executor.2) @ 0xffffb380120c3580, l_stat=7 *** Locks held: * Lock 0 (initialized at amap_ctor) lock address : 0xffffb38013c84940 type : sleep/adaptive initialized : 0xffffffff810e00f3 shared holds : 0 exclusive: 1 shares wanted: 0 exclusive: 0 relevant cpu : 0 last held: 0 relevant lwp : 0xffffb380120c3580 last held: 0xffffb380120c3580 last locked* : 0xffffffff810ef0d4 unlocked : 0xffffffff810ede55 owner/count : 0xffffb380120c3580 flags : 0x0000000000000004 Turnstile: no active turnstile for this lock. * Lock 1 (initialized at pmap_ctor) lock address : 0xffffb380120f8980 type : sleep/adaptive initialized : 0xffffffff802772c1 shared holds : 0 exclusive: 1 shares wanted: 0 exclusive: 0 relevant cpu : 0 last held: 0 relevant lwp : 0xffffb380120c3580 last held: 0xffffb380120c3580 last locked* : 0xffffffff80278f1f unlocked : 0xffffffff80279c65 owner field : 0xffffb380120c3580 wait/spin: 0/0 Turnstile: no active turnstile for this lock. *** Locks wanted: * Lock 0 (initialized at pool_init) lock address : 0xffffffff82da2bb0 type : sleep/adaptive initialized : 0xffffffff81215609 shared holds : 0 exclusive: 1 shares wanted: 0 exclusive: 1 relevant cpu : 0 last held: 1 relevant lwp : 0xffffb380120c3580 last held: 0xffffb38011f4a240 last locked* : 0xffffffff81217e5c unlocked : 0xffffffff81217f23 owner field : 000000000000000000 wait/spin: 0/0 Turnstile: no active turnstile for this lock. ****** LWP 613.1 (syz-executor.4) @ 0xffffb38013c830c0, l_stat=2 *** Locks held: * Lock 0 (initialized at uvm_map_setup) lock address : 0xffffb380135ac488 type : sleep/adaptive initialized : 0xffffffff8110078d shared holds : 0 exclusive: 1 shares wanted: 0 exclusive: 0 relevant cpu : 0 last held: 0 relevant lwp : 0xffffb38013c830c0 last held: 0xffffb38013c830c0 last locked* : 0xffffffff810fa684 unlocked : 0xffffffff810f14d1 owner/count : 0xffffb38013c830c0 flags : 0x0000000000000004 Turnstile: no active turnstile for this lock. *** Locks wanted: * Lock 0 (initialized at uvm_amap_init) lock address : 0xffffffff82d8e2c0 type : sleep/adaptive initialized : 0xffffffff810e0344 shared holds : 0 exclusive: 0 shares wanted: 0 exclusive: 1 relevant cpu : 0 last held: 0 relevant lwp : 0xffffb38013c830c0 last held: 000000000000000000 last locked : 0xffffffff810e013b unlocked*: 0xffffffff810e01ac owner field : 000000000000000000 wait/spin: 0/0 Turnstile: no active turnstile for this lock. ****** LWP 45.1 (syz-executor.5) @ 0xffffb38013c6c080, l_stat=2 *** Locks held: * Lock 0 (initialized at uvm_map_setup) lock address : 0xffffb38011e355c8 type : sleep/adaptive initialized : 0xffffffff8110078d shared holds : 0 exclusive: 1 shares wanted: 0 exclusive: 0 relevant cpu : 0 last held: 0 relevant lwp : 0xffffb38013c6c080 last held: 0xffffb38013c6c080 last locked* : 0xffffffff810fa684 unlocked : 0xffffffff810f14d1 owner/count : 0xffffb38013c6c080 flags : 0x0000000000000004 Turnstile: no active turnstile for this lock. *** Locks wanted: none ****** LWP 0.12 (iflnkst) @ 0xffffb3800de40540, l_stat=3 *** Locks held: none *** Locks wanted: * Lock 0 (initialized at module_hook_init) lock address : 0xffffffff82d90140 type : sleep/adaptive initialized : 0xffffffff8117f222 shared holds : 0 exclusive: 0 shares wanted: 0 exclusive: 0 relevant cpu : 0 last held: 0 relevant lwp : 0xffffb3800de40540 last held: 000000000000000000 last locked : 000000000000000000 unlocked*: 000000000000000000 owner field : 000000000000000000 wait/spin: 0/0 Turnstile: no active turnstile for this lock. ****** LWP 0.5 (softclk/0) @ 0xffffb3800de24080, l_stat=1 *** Locks held: none *** Locks wanted: * Lock 0 (initialized at module_hook_init) lock address : 0xffffffff82d90140 type : sleep/adaptive initialized : 0xffffffff8117f222 shared holds : 0 exclusive: 0 shares wanted: 0 exclusive: 0 relevant cpu : 0 last held: 0 relevant lwp : 0xffffb3800de24080 last held: 000000000000000000 last locked : 000000000000000000 unlocked*: 000000000000000000 owner field : 000000000000000000 wait/spin: 0/0 Turnstile: no active turnstile for this lock. [Locks tracked through CPUs] PAGE FLAG PQ UOBJECT UANON 0xffffb38000014180 0041 00000000 0x0 0x0 0xffffb380000141f8 0041 00000000 0x0 0x0 0xffffb38000014270 0041 00000000 0x0 0x0 0xffffb380000142e8 0041 00000000 0x0 0x0 0xffffb38000014360 0041 00000000 0x0 0x0 0xffffb380000143d8 0041 00000000 0x0 0x0 0xffffb38000014450 0041 00000000 0x0 0x0 0xffffb380000144c8 0041 00000000 0x0 0x0 0xffffb38000014540 0041 00000000 0x0 0x0 0xffffb380000145b8 0041 00000000 0x0 0x0 0xffffb38000014630 0041 00000000 0x0 0x0 0xffffb380000146a8 0041 00000000 0x0 0x0 0xffffb38000014720 0041 00000000 0x0 0x0 0xffffb38000014798 0041 00000000 0x0 0x0 0xffffb38000014810 0041 00000000 0x0 0x0 0xffffb38000014888 0041 00000000 0x0 0x0 0xffffb38000014900 0041 00000000 0x0 0x0 0xffffb38000014978 0041 00000000 0x0 0x0 0xffffb380000149f0 0041 00000000 0x0 0x0 0xffffb38000014a68 0041 00000000 0x0 0x0 0xffffb38000014ae0 0041 00000000 0x0 0x0 0xffffb38000014b58 0041 00000000 0x0 0x0 0xffffb38000014bd0 0041 00000000 0x0 0x0 0xffffb38000014c48 0041 00000000 0x0 0x0 0xffffb38000014cc0 0041 00000000 0x0 0x0 0xffffb38000014d38 0041 00000000 0x0 0x0 0xffffb38000014db0 0041 00000000 0x0 0x0 0xffffb38000014e28 0041 00000000 0x0 0x0 0xffffb38000014ea0 0041 00000000 0x0 0x0 0xffffb38000014f18 0041 00000000 0x0 0x0 0xffffb38000014f90 0041 00000000 0x0 0x0 0xffffb38000015008 0041 00000000 0x0 0x0 0xffffb38000015080 0041 00000000 0x0 0x0 0xffffb380000150f8 0041 00000000 0x0 0x0 0xffffb38000015170 0041 00000000 0x0 0x0 0xffffb380000151e8 0041 00000000 0x0 0x0 0xffffb38000015260 0041 00000000 0x0 0x0 0xffffb380000152d8 0041 00000000 0x0 0x0 0xffffb38000015350 0041 00000000 0x0 0x0 0xffffb380000153c8 0041 00000000 0x0 0x0 0xffffb38000015440 0041 00000000 0x0 0x0 0xffffb380000154b8 0041 00000000 0x0 0x0 0xffffb38000015530 0041 00000000 0x0 0x0 0xffffb380000155a8 0041 00000000 0x0 0x0 0xffffb38000015620 0041 00000000 0x0 0x0 0xffffb38000015698 0041 00000000 0x0 0x0 0xffffb38000015710 0041 00000000 0x0 0x0 0xffffb38000015788 0041 00000000 0x0 0x0 0xffffb38000015800 0041 00000000 0x0 0x0 0xffffb38000015878 0041 00000000 0x0 0x0 0xffffb380000158f0 0041 00000000 0x0 0x0 0xffffb38000015968 0041 00000000 0x0 0x0 0xffffb380000159e0 0041 00000000 0x0 0x0 0xffffb38000015a58 0041 00000000 0x0 0x0 0xffffb38000015ad0 0041 00000000 0x0 0x0 0xffffb38000015b48 0041 00000000 0x0 0x0 0xffffb38000015bc0 0041 00000000 0x0 0x0 0xffffb38000015c38 0041 00000000 0x0 0x0 0xffffb38000015cb0 0041 00000000 0x0 0x0 0xffffb38000015d28 0041 00000000 0x0 0x0 0xffffb38000015da0 0041 00000000 0x0 0x0 0xffffb38000015e18 0041 00000000 0x0 0x0 0xffffb38000015e90 0041 00000000 0x0 0x0 0xffffb38000015f08 0041 00000000 0x0 0x0 0xffffb38000015f80 0041 00000000 0x0 0x0 0xffffb38000015ff8 0041 00000000 0x0 0x0 0xffffb38000016070 0041 00000000 0x0 0x0 0xffffb380000160e8 0041 00000000 0x0 0x0 0xffffb38000016160 0041 00000000 0x0 0x0 0xffffb380000161d8 0041 00000000 0x0 0x0 0xffffb38000016250 0041 00000000 0x0 0x0 0xffffb380000162c8 0041 00000000 0x0 0x0 0xffffb38000016340 0041 00000000 0x0 0x0 0xffffb380000163b8 0041 00000000 0x0 0x0 0xffffb38000016430 0041 00000000 0x0 0x0 0xffffb380000164a8 0045 00000000 0x0 0x0 0xffffb38000016520 0041 00000000 0x0 0x0 0xffffb38000016598 0045 00000000 0x0 0x0 0xffffb38000016610 0041 00000000 0x0 0x0 0xffffb38000016688 0041 00000000 0x0 0x0 0xffffb38000016700 0045 00000000 0x0 0x0 0xffffb38000016778 0045 00000000 0x0 0x0 0xffffb380000167f0 0041 00000000 0x0 0x0 0xffffb38000016868 0045 00000000 0x0 0x0 0xffffb380000168e0 0045 00000000 0x0 0x0 0xffffb38000016958 0045 00000000 0x0 0x0 0xffffb380000169d0 0045 00000000 0x0 0x0 0xffffb38000016a48 0045 00000000 0x0 0x0 0xffffb38000016ac0 0045 00000000 0x0 0x0 0xffffb38000016b38 0045 00000000 0x0 0x0 0xffffb38000016bb0 0045 00000000 0x0 0x0 0xffffb38000016c28 0041 00000000 0x0 0x0 0xffffb38000016ca0 0045 00000000 0x0 0x0 0xffffb38000016d18 0041 00000000 0x0 0x0 0xffffb38000016d90 0045 00000000 0x0 0x0 0xffffb38000016e08 0045 00000000 0x0 0x0 0xffffb38000016e80 0041 00000000 0x0 0x0 0xffffb38000016ef8 0041 00000000 0x0 0x0 0xffffb38000016f70 0045 00000000 0x0 0x0 0xffffb38000016fe8 0041 00000000 0x0 0x0 0xffffb38000017060 0041 00000000 0x0 0x0 0xffffb380000170d8 0041 00000000 0x0 0x0 0xffffb38000017150 0041 00000000 0x0 0x0 0xffffb380000171c8 0041 00000000 0x0 0x0 0xffffb38000017240 0041 00000000 0x0 0x0 0xffffb380000172b8 0041 00000000 0x0 0x0 0xffffb38000017330 0041 00000000 0x0 0x0 0xffffb380000173a8 0041 00000000 0x0 0x0 0xffffb38000017420 0041 00000000 0x0 0x0 0xffffb38000017498 0041 00000000 0x0 0x0 0xffffb38000017510 0041 00000000 0x0 0x0 0xffffb38000017588 0041 00000000 0x0 0x0 0xffffb38000017600 0041 00000000 0x0 0x0 0xffffb38000017678 0041 00000000 0x0 0x0 0xffffb380000176f0 0041 00000000 0x0 0x0 0xffffb38000017768 0041 00000000 0x0 0x0 0xffffb380000177e0 0041 00000000 0x0 0x0 0xffffb38000017858 0041 00000000 0x0 0x0 0xffffb380000178d0 0041 00000000 0x0 0x0 0xffffb38000017948 0041 00000000 0x0 0x0 0xffffb380000179c0 0041 00000000 0x0 0x0 0xffffb38000017a38 0041 00000000 0x0 0x0 0xffffb38000017ab0 0041 00000000 0x0 0x0 0xffffb38000017b28 0041 00000000 0x0 0x0 0xffffb38000017ba0 0041 00000000 0x0 0x0 0xffffb38000017c18 0041 00000000 0x0 0x0 0xffffb38000017c90 0041 00000000